diff --git a/config/prod.exs b/config/prod.exs
index 5ab7c166..1e8ab4ad 100644
--- a/config/prod.exs
+++ b/config/prod.exs
@@ -19,11 +19,18 @@ config :challenge_gov, Web.Endpoint,
 config :challenge_gov, ChallengeGov.Repo,
   url: System.get_env("DATABASE_URL"),
   ssl: true,
-  ssl_opts: [
+  ssl_opts = [
     cacertfile: "priv/certs/us-gov-west-1-bundle.pem",
-    verify: :verify_none,
-    versions: [:"tlsv1.2", :"tlsv1.3"]
+    server_name_indication: "cg-aws-broker-prodo0g0lv1irkwn9f3.ci7nkegdizyy.us-gov-west-1.rds.amazonaws.com",
+    verify: :verify_peer,
+    # using erlang library ssl_verify_fun for ssl verification
+    verify_fun: {&:ssl_verify_hostname.verify_fun/3, [check_hostname: "cg-aws-broker-prodo0g0lv1irkwn9f3.ci7nkegdizyy.us-gov-west-1.rds.amazonaws.com"]}
   ],
+  # ssl_opts: [
+  #   cacertfile: "priv/certs/us-gov-west-1-bundle.pem",
+  #   verify: :verify_none,
+  #   versions: [:"tlsv1.2", :"tlsv1.3"]
+  # ],
   pool_size: String.to_integer(System.get_env("POOL_SIZE") || "15"),
   loggers: [{LoggerJSON.Ecto, :log, [:info]}]